CVE-2020-7644

Name of the Vulnerable Software and Affected Versions fun-map versions 3.3.1 and earlier

Description The issue concerns Prototype Pollution, where the assocInM function can be tricked into adding or modifying properties of Object.prototype using a proto payload. This allows for potential manipulation of the object prototype.

Recommendations For fun-map versions 3.3.1 and earlier, consider restricting the use of the assocInM function until a patch is available to prevent potential prototype pollution attacks. As a temporary workaround, avoid using the proto payload in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.